- September 30, 2020
- Posted by: Keith Frechette
- Categories: Blog, Featured
The digital transformation era ushered in emerging technologies, such as cloud computing, machine learning, intelligent automation, etc. As such, organizations across critical industries, including the manufacturing industry, pivoted their operational processes to align with the benefits associated with emerging technologies. However, this rapid evolution introduced cybersecurity risks, threats, and vulnerabilities that continue to compromise critical assets, thus resulting in pervasive Intellectual Property thefts worth Billions of Dollars.
In the era of heightened technological advancement, there are research and development efforts required to actualize the functionalities of new and improved products, services, and processes. Therefore, Intellectual Property (IP) consists of unique innovation that results in the creativity of patentable inventions, trade secrets, trademarks, etc.
For the manufacturing industry, IPs provide a competitive advantage that affords an organization the rights and privileges to benefit from the financial incentives related to the market’s response to innovation. Additionally, it helps to spur economic growth, especially within industries that are critical to National Security.
Unfortunately, IP theft continues to impose an annual loss of $300 – $600 Billion. IP theft has become a national security concern for the United States, as adversarial nation-states leverage cyberespionage tactics to deploy stealth robbery. As such, it is imperative that stakeholders are equipped with the knowledge and awareness required to defend against Intellectual Property compromises.
Alarming Chinese Interference – A Threat to IP (Intellectual Property)
The modus operandi of Chinese-sponsored threat actors is to exploit systems vulnerabilities, which allows them to gain unauthorized access into secure computing environments for the purpose of stealing sensitive trade secrets. According to the U.S. Department of Justice, stolen trade secrets from U.S. manufacturing companies are reverse engineered and used to erect competitive Chinese-based companies, thus disrupting U.S. products in the global market.
Below are some of the most recent statistics surrounding Intellectual Property thefts creating significant concern for U.S. companies:
- S. President Donald Trump says that the central sticking point of contention in the trade deal between the U.S. and the Chinese governments is the rampant Chinese theft of intellectual property and other trade secrets.
- In the CNBC Global CFO Council, about one-third of the North America-based organizations’ CFOs agreed that the Chinese organizations have stolen from them at some point in the past decade.
- The FBI has even identified China as one of the greatest law enforcement threats to the US. The FBI director has pointed out that China is trying to get hands-on American technology by ‘any means possible.’
Best Practices to Safeguard the Organizations against IP Theft
IP theft related to a manufacturing organization’s confidential information is no small risk, and trade secrets constitute 91% of all theft in manufacturing organizations. Hence, measures must be taken to ensure the organization’s IP assets are secure from cyber espionage and malicious actors’ hands. Here are some basic steps that a manufacturing organization can take to prevent IP theft to a great extent.
- Prioritize proactive countermeasures – Before improving the IT infrastructures supporting the development and storage of Intellectual Property, it is essential to catalogue all critical data assets, including IP data, that is present in your manufacturing organization. Additionally, it is necessary to be aware of who is authorized to access said critical data.
- Implement robust data security policies – To safeguard the IP assets of an organization, it is vital to implement robust data security policies that are developed and/or recommended by cybersecurity experts. A fundamental data security policy should consist of data lifecycle management, data backup and recovery plans, as well as penalties for users who are in violation of the policy.
- Educate employees and monitor behavior – Inside attacks are one of the most successful methods of crippling a corporate systems and stealing Intellectual Property. Even if employees do not have any malicious intentions, they can compromise the sensitive data by making critical mistakes due to low cybersecurity awareness. Therefore, cybersecurity awareness programs are vital to any manufacturing organization.
Foundational cybersecurity training programs should cover the following concepts:
- Potential social engineering threats such as phishing and spoofing.
- The consequences of a cyberattack, and dealing with the aftermath of an attack.
- Organizational access control and password management.
- Identification and response to security incidents.
To effectively protect the research and development processes that result in IP assets within the manufacturing industry, companies must establish policies and procedures focused on safeguarding physical and electronic data in-use and/or data in storage. Therefore, appropriate privacy and security configuration must be applied to information assets on-premises and in the Cloud.